Bluetooth is the primary wireless technology used to connect mobile telephones, laptop computers, tablet computers and the like to accessory devices such as keyboards, mice, speakers, watches, and headsets. Bluetooth wireless communication is often used to transfer voice data, audio playback data, and other types of data between mobile phones and their accessories, e.g. headsets, earphones, speakers, etc.
When two devices use Bluetooth technology to pass data between them, an encryption and authentication process referred to as “Bluetooth Pairing” is used. During Bluetooth Pairing, long term and/or short term keys are exchanged, which are used during the Bluetooth Pairing for encryption and authentication. For example, a link key is generated and shared between the two devices as a shared secret. The link key may be used to encrypt information that is exchanged, for example, over an asynchronous connectionless (ACL) link.
The pairing procedure is the most vulnerable part of the data exchange in terms of link security. The link is not secure at the beginning of the pairing procedure. The lack of a secure link at this stage allows a potential attacker to receive and understand all communication between the two sides. In addition, the keys that will be used for security once the link is authenticated are exchanged between the two sides during the pairing procedure. If an attacker were to receive and understand the keys exchanged during the pairing procedure, the attacker would be able to use the keys to decrypt all future data exchanged between the two sides. The attacker may even use the keys to impersonate one of the two devices. The presence of an attacker that is able to understand the exchanged keys, and possibly even take the place of one of the pairing devices, means that encryption and authentication between only the intended pairing devices is no longer guaranteed.
The pairing procedure eventually produces a key to be used for all security operations. This key is also known as the “link key”. The security strength of the link key depends primarily on the association model used during the pairing procedure. The association model chosen for the pairing procedure is an outcome of the input and output capabilities of the pairing devices, as defined in the Bluetooth Specification [see, for example, Bluetooth Specification Version 4.2 [Vol. 3, Part C] Table 5.7: IO Capability Mapping to Authentication Stage 1]. For example, a screen may serve as an output device, and a touch screen or a keyboard may serve as an input device.
When one of the pairing devices (the Bluetooth accessory, for instance) has no output capability and no input capability, one of two association models can be selected for pairing the devices, regardless of the capabilities of the second device. The first association model is named “Just Works.” The Just Works association model does not require any user intervention during the pairing process, and the devices assume they are the only devices around that are pairing with one another. The second possible association model is “Passkey Entry.” In the Passkey Entry association model, a constant, well-known passkey has to be entered into the phone to pair with the Bluetooth accessory. The same passkey code is used by the user of each such device.
Both the Just Works and Passkey Entry association models are exposed to potential man-in-the-middle (MITM) attacks and are considered unauthenticated. This means that an attacker that has been actively eavesdropping during the pairing procedure may choose to act as a MITM and identify itself as the other device towards each of the two pairing devices.
Using the Just Works or Passkey Entry association model during pairing results in the entire connection between the devices being considered unauthenticated, and the connection is therefore categorized by the security section of the Bluetooth Specification as low-medium security [see, for example, Bluetooth Specification Version 4.2 [Vol 3, Part C] Table 5.8: Security Level mapping to link key requirements].
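The preceding paragraphs describe the association model as a function of the two devices' IO capabilities, and then observe that a constant, well-known passkey strips Passkey Entry of its MITM protection. The following Python is an added example, not part of the original text: it encodes the BR/EDR mapping of Table 5.7 as transcribed by the editor (verify against the cited specification before relying on it) and applies the text's fixed-passkey reasoning. The names `IoCap`, `association_model` and `pairing_assessment` are this example's own, not identifiers from the Bluetooth Specification or any stack.

```python
"""Association-model lookup for BR/EDR Secure Simple Pairing (added example).

Encodes the IO-capability mapping of Bluetooth Core Specification v4.2,
Vol. 3, Part C, Table 5.7, as transcribed here (an assumption to be checked
against the specification), and applies the observation that a constant,
well-known passkey leaves Passkey Entry unauthenticated in practice.
"""
from enum import Enum
from typing import Dict, Tuple


class IoCap(Enum):
    """The four IO capability values a BR/EDR device can declare."""
    DISPLAY_ONLY = "DisplayOnly"
    DISPLAY_YES_NO = "DisplayYesNo"
    KEYBOARD_ONLY = "KeyboardOnly"
    NO_INPUT_NO_OUTPUT = "NoInputNoOutput"


JUST_WORKS = "Just Works"
NUMERIC_COMPARISON = "Numeric Comparison"
PASSKEY_ENTRY = "Passkey Entry"


def association_model(initiator: IoCap, responder: IoCap) -> Tuple[str, bool]:
    """Return (model, authenticated) for a pair of IO capabilities.

    The boolean is True when Table 5.7 classifies the resulting link key as
    authenticated (MITM-protected), assuming any passkey used is random.
    """
    a, b = initiator, responder
    # Any side with neither input nor output forces Just Works: there is no
    # channel through which a user could confirm or enter anything.
    if IoCap.NO_INPUT_NO_OUTPUT in (a, b):
        return JUST_WORKS, False
    # A keyboard on either side means Passkey Entry: the other side displays
    # the passkey, or the user types the same passkey on both keyboards.
    if IoCap.KEYBOARD_ONLY in (a, b):
        return PASSKEY_ENTRY, True
    # Both sides have a display: Numeric Comparison. It is authenticated only
    # when both displays can also take a yes/no answer; a DisplayOnly side
    # confirms automatically, which is equivalent to Just Works.
    both_yes_no = a == IoCap.DISPLAY_YES_NO and b == IoCap.DISPLAY_YES_NO
    return NUMERIC_COMPARISON, both_yes_no


def pairing_assessment(initiator: IoCap, responder: IoCap,
                       fixed_passkey: bool = False) -> Dict[str, object]:
    """Assess a prospective pairing from a defender's viewpoint.

    fixed_passkey models an accessory with a constant, well-known passkey
    (a headset whose manual prints the code): the passkey then contributes
    no secrecy, so Passkey Entry gives no MITM protection.
    """
    model, authenticated = association_model(initiator, responder)
    if model == PASSKEY_ENTRY and fixed_passkey:
        authenticated = False
    return {"model": model,
            "authenticated": authenticated,
            "mitm_exposed": not authenticated}


if __name__ == "__main__":
    # Constructed scenario: a phone (DisplayYesNo) pairing with a headset
    # that has no screen and no keyboard, and with a headset that declares
    # a keyboard but ships with a fixed passkey.
    phone = IoCap.DISPLAY_YES_NO
    print(pairing_assessment(phone, IoCap.NO_INPUT_NO_OUTPUT))
    print(pairing_assessment(phone, IoCap.KEYBOARD_ONLY, fixed_passkey=True))
```

Both constructed headset scenarios come out with `mitm_exposed` set, which is the point of the paragraphs above: the accessory's lack of a display and keyboard, or its use of a fixed passkey, decides the outcome before the phone's capabilities matter.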
Unfortunately, these two association models are the most common ones for pairing between phones and no-screen, no-keyboard accessories such as Bluetooth headsets, earphones and speakers.
Other known solutions, such as those surveyed in the article “A comparative study of secure device pairing methods,” usually use an out-of-band (OOB) channel for the association and pairing process. This means that both pairing devices have to support this specific method instead of using the method defined in the Bluetooth Specification. Even the method presented in the article named “Loud and Clear” uses only a small portion of the possibilities of using vocal modules for the pairing process.